示例#1
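 /**
  * Handle a login notice pushed by the SSO service and open the admin session.
  *
  * Steps visible in this method: read the notice, check its timestamp, verify
  * its signature, decode the payload, load the admin row, refuse disabled
  * accounts, then write the session keys admin_id / admin_ssin_time / admin_hash.
  *
  * Every failure path calls $this->obj_notice->halt_re(); the flow is only
  * safe if that call ends the request.
  * NOTE(review): halt_re() is not shown here - confirm that it terminates.
  *
  * @access public
  * @return void
  */
 function notice_login()
 {
     $_arr_noticeGet = $this->obj_notice->notice_get("get");
     // Strict comparison: a non-string status (e.g. integer 0) must never be
     // treated as equal to an alert code through type juggling.
     if ($_arr_noticeGet["alert"] !== "ok") {
         $this->obj_notice->halt_re($_arr_noticeGet);
     }

     // Freshness window in BOTH directions. The previous one-sided test only
     // rejected timestamps more than 300 s in the future, so an old notice
     // with a still-valid signature was accepted indefinitely.
     // NOTE(review): nothing here records "random" as used, so a notice may
     // still be accepted again inside the window unless sso_verify() tracks it.
     $_num_skew = abs((int) $_arr_noticeGet["time"] - time());
     if ($_num_skew > 300) {
         $_arr_return = array("alert" => "x220213");
         $this->obj_notice->halt_re($_arr_return);
     }

     $_arr_signature = $this->obj_sso->sso_verify($_arr_noticeGet["time"], $_arr_noticeGet["random"], $_arr_noticeGet["signature"]);
     if ($_arr_signature["alert"] !== "y050403") {
         $this->obj_notice->halt_re($_arr_signature);
     }

     // NOTE(review): only time/random/signature are passed to sso_verify();
     // "code" and "key" are decoded without a visible integrity check and the
     // decode result is not tested for failure - confirm that sso_decode()
     // authenticates the payload before user_id is trusted.
     $_arr_decode = $this->obj_sso->sso_decode($_arr_noticeGet["code"], $_arr_noticeGet["key"]);

     $_arr_adminRow = $this->mdl_admin->mdl_read($_arr_decode["user_id"]);
     if ($_arr_adminRow["alert"] !== "y020102") {
         $this->obj_notice->halt_re($_arr_adminRow);
     }

     // Deny-list check: any status other than "disable" is let through.
     // NOTE(review): an allow-list (status must be "enable") would fail closed.
     if ((string) $_arr_adminRow["admin_status"] === "disable") {
         $_arr_return = array("alert" => "x020401");
         $this->obj_notice->halt_re($_arr_return);
     }

     // New per-login random value, stored with the account and mixed into the
     // session hash. NOTE(review): fn_rand() is not shown - confirm it draws
     // from a cryptographically secure source.
     $_str_rand = fn_rand(6);
     $this->mdl_admin->mdl_login($_arr_decode["user_id"], $_str_rand);

     // NOTE(review): the session identifier is not rotated here; if fn_session()
     // wraps native PHP sessions, rotate it at this privilege change.
     fn_session("admin_id", "mk", $_arr_decode["user_id"]);
     fn_session("admin_ssin_time", "mk", time());
     fn_session("admin_hash", "mk", fn_baigoEncrypt($_arr_adminRow["admin_time"], $_str_rand));

     $this->obj_notice->halt_re($_arr_adminRow);
 }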
示例#2
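 /**
  * Authenticate an administrator against the local admin table.
  *
  * On success the stored password hash is re-computed with a fresh random
  * value, the session keys admin_id / admin_ssin_time / admin_hash are
  * written, and an array with alert "y020201" is returned. On failure the
  * array carries the failing step's alert code instead.
  *
  * NOTE(review): an unknown user name, a wrong password and a non-enabled
  * account each return a different alert code; if these reach the client
  * unchanged they reveal which account names exist.
  *
  * @access public
  * @return array Result with an "alert" code; "forward" and "admin_id" where set below.
  */
 function ctl_login()
 {
     $_arr_adminLogin = $this->mdl_admin->input_login();
     // Strict comparisons on alert codes so a non-string status can never
     // match through type juggling.
     if ($_arr_adminLogin["alert"] !== "ok") {
         return $_arr_adminLogin;
     }

     $_arr_adminRow = $this->mdl_admin->mdl_read($_arr_adminLogin["admin_name"], "admin_name");
     if ($_arr_adminRow["alert"] !== "y020102") {
         return $_arr_adminRow;
     }

     // Compare hashes as strings in constant time. The previous loose "!="
     // treats numeric-looking strings as numbers, so two different hashes of
     // the form "0e<digits>" would compare equal.
     // NOTE(review): fn_baigoEncrypt() is not shown; if it is a fast salted
     // hash, migrate to password_hash()/password_verify().
     $_str_hashInput = (string) fn_baigoEncrypt($_arr_adminLogin["admin_pass"], $_arr_adminRow["admin_rand"]);
     if (!hash_equals((string) $_arr_adminRow["admin_pass"], $_str_hashInput)) {
         return array("forward" => $_arr_adminLogin["forward"], "alert" => "x020207");
     }

     // Allow-list: only an explicitly enabled account may log in.
     if ((string) $_arr_adminRow["admin_status"] !== "enable") {
         return array("forward" => $_arr_adminLogin["forward"], "alert" => "x020402");
     }

     // Re-salt the stored password with a fresh random value on every login.
     // NOTE(review): fn_rand() is not shown - confirm it uses a CSPRNG.
     $_str_adminRand = fn_rand(6);
     $this->mdl_admin->mdl_login($_arr_adminRow["admin_id"], fn_baigoEncrypt($_arr_adminLogin["admin_pass"], $_str_adminRand), $_str_adminRand);

     // NOTE(review): the session identifier is not rotated here; if fn_session()
     // wraps native PHP sessions, rotate it at this privilege change.
     fn_session("admin_id", "mk", $_arr_adminRow["admin_id"]);
     fn_session("admin_ssin_time", "mk", time());
     fn_session("admin_hash", "mk", fn_baigoEncrypt($_arr_adminRow["admin_time"], $_str_adminRand));

     // NOTE(review): "admin_id" is taken from the login input, while the
     // session uses the id of the row that was read - confirm that
     // input_login() actually provides this key.
     return array("admin_id" => $_arr_adminLogin["admin_id"], "forward" => $_arr_adminLogin["forward"], "alert" => "y020201");
 }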
示例#3
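 /**
  * AJAX pre-check of the captcha ("seccode") typed by the user.
  *
  * Ends the request with {"re":"ok"} on a match, otherwise hands alert
  * "x030101" to $this->obj_ajax->halt_re().
  * NOTE(review): halt_re() is not shown - the "ok" response below is only
  * unreachable on a mismatch if halt_re() terminates the request.
  *
  * The captcha is not cleared from the session here, so the same answer can
  * be checked repeatedly; confirm that the form handler invalidates it.
  *
  * @access public
  * @return void
  */
 function ajax_chk()
 {
     $_str_input = fn_get("seccode");
     $_str_expect = (string) fn_session("seccode");

     // Fail closed: when no captcha has been stored in the session, the old
     // loose "!=" let an empty submission compare equal to the missing value.
     // Non-string input (e.g. an array parameter) is rejected as well.
     $_bool_match = is_string($_str_input)
         && $_str_expect !== ""
         && strtolower($_str_input) === $_str_expect;

     if (!$_bool_match) {
         $this->obj_ajax->halt_re("x030101");
     }

     $arr_re = array("re" => "ok");
     exit(json_encode($arr_re));
 }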
示例#4
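 /**
  * AJAX pre-check of the captcha ("seccode") typed by the user.
  *
  * Always ends the request with a JSON object {"re": ...}: "ok" on a match,
  * otherwise the message stored under $this->alert["x030101"].
  *
  * The captcha is not cleared from the session here, so the same answer can
  * be checked repeatedly; confirm that the form handler invalidates it.
  *
  * @access public
  * @return void
  */
 function ajax_check()
 {
     $_str_input = (string) fn_getSafe(fn_get("seccode"), "txt", "");
     $_str_expect = (string) fn_session("seccode");

     // Fail closed: a missing or empty session captcha never matches. The old
     // loose "==" accepted an empty submission when nothing was stored.
     if ($_str_expect !== "" && strtolower($_str_input) === $_str_expect) {
         $_str_alert = "ok";
     } else {
         $_str_alert = $this->alert["x030101"];
     }

     $arr_re = array("re" => $_str_alert);
     exit(json_encode($arr_re));
 }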
示例#5
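 /**
  * Authenticate an administrator through the SSO service, then open the
  * local admin session.
  *
  * Failure paths return an array carrying the failing step's alert code and
  * the requested "forward" target. The success path writes the session keys
  * admin_id / admin_ssin_time / admin_hash, optionally echoes the SSO
  * sync-login HTML, and then ends the request with exit.
  *
  * @access public
  * @return array Only returned on failure; the success path exits.
  */
 function ctl_login()
 {
     $_arr_adminLogin = $this->input_login();
     // Strict comparisons on alert codes so a non-string status can never
     // match through type juggling.
     if ($_arr_adminLogin["alert"] !== "ok") {
         return $_arr_adminLogin;
     }

     // SSO verification
     $_arr_ssoLogin = $this->obj_sso->sso_login($_arr_adminLogin["admin_name"], $_arr_adminLogin["admin_pass"]);
     if ($_arr_ssoLogin["alert"] !== "y010401") {
         $_arr_ssoLogin["forward"] = $_arr_adminLogin["forward"];
         return $_arr_ssoLogin;
     }

     // Local database handling
     $_arr_adminRow = $this->mdl_admin->mdl_read($_arr_ssoLogin["user_id"]);
     if ($_arr_adminRow["alert"] !== "y020102") {
         $_arr_adminRow["forward"] = $_arr_adminLogin["forward"];
         return $_arr_adminRow;
     }

     // Deny-list check: any status other than "disable" is let through.
     // NOTE(review): an allow-list (status must be "enable") would fail closed.
     if ((string) $_arr_adminRow["admin_status"] === "disable") {
         return array("forward" => $_arr_adminLogin["forward"], "alert" => "x020401");
     }

     // New per-login random value, stored with the account and mixed into the
     // session hash. NOTE(review): fn_rand() is not shown - confirm it draws
     // from a cryptographically secure source.
     $_str_rand = fn_rand(6);
     $this->mdl_admin->mdl_login($_arr_ssoLogin["user_id"], $_str_rand);

     // NOTE(review): the session identifier is not rotated here; if fn_session()
     // wraps native PHP sessions, rotate it at this privilege change.
     fn_session("admin_id", "mk", $_arr_ssoLogin["user_id"]);
     fn_session("admin_ssin_time", "mk", time());
     fn_session("admin_hash", "mk", fn_baigoEncrypt($_arr_adminRow["admin_time"], $_str_rand));

     if (defined("BG_SSO_SYNLOGON") && BG_SSO_SYNLOGON == "on") {
         // The markup comes from the SSO response and is written unescaped,
         // so the SSO endpoint and its transport must be trusted.
         $_arr_sync = $this->obj_sso->sso_sync_login($_arr_ssoLogin["user_id"]);
         echo $_arr_sync["html"];
     }

     // NOTE(review): this exit runs on every successful login, which makes
     // the return below unreachable; kept as found - confirm it is intended.
     exit;
     return array("admin_id" => $_arr_ssoLogin["user_id"], "forward" => $_arr_adminLogin["forward"], "alert" => "y020401");
 }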
示例#6
 /**
  * Render a captcha and remember its answer in the session.
  *
  * Runs createCode, createBg, createLine, createFont and secOutput in that
  * order, then stores the lower-cased $this->code under session key "seccode".
  *
  * NOTE(review): the session write happens after secOutput(); if secOutput()
  * ends the request, or the session cannot be written once output has been
  * sent, the answer is never stored - confirm.
  *
  * @return void
  */
 public function secDo()
 {
     // Build and emit the image first, exactly in this order.
     $this->createCode();
     $this->createBg();
     $this->createLine();
     $this->createFont();
     $this->secOutput();

     // Store the answer lower-cased so the later check can be case-insensitive.
     $_str_answer = strtolower($this->code);
     fn_session("seccode", "mk", $_str_answer);
 }
示例#7
/**
 * End the admin session by unsetting its three session keys.
 *
 * Only admin_id, admin_ssin_time and admin_hash are removed.
 * NOTE(review): other session keys are left in place and the session itself
 * is neither destroyed nor given a new identifier here - confirm whether a
 * caller does that on logout.
 *
 * @access public
 * @return void
 */
function fn_ssin_end()
{
    $_arr_keys = array("admin_id", "admin_ssin_time", "admin_hash");

    foreach ($_arr_keys as $_str_key) {
        fn_session($_str_key, "unset");
    }
}
示例#8
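/**
 * Create ("mk") or verify ("chk") the anti-CSRF token pair.
 *
 * Two tokens are kept in the session: token_session, which "mk" returns for
 * embedding in a form, and token_cookie, which "mk" sends as a cookie. "chk"
 * compares the submitted pair with the session copies.
 *
 * When BG_SWITCH_TOKEN is off, "chk" always returns true and "mk" returns null.
 *
 * NOTE(review): fn_rand() is not shown - confirm it uses a CSPRNG.
 * NOTE(review): reading a token from the query string ("get") places it in
 * URLs, which are commonly logged and sent as referrers.
 *
 * @access public
 * @param string $token_action   "chk" verifies; any other value creates (default: "mk")
 * @param string $session_method Where "chk" reads token_session: "get", otherwise POST (default: "post")
 * @param string $cookie_method  Where "chk" reads token_cookie: "get", "post", otherwise the cookie (default: "cookie")
 * @return bool|string|null bool for "chk"; the session token for "mk"; null when tokens are disabled
 */
function fn_token($token_action = "mk", $session_method = "post", $cookie_method = "cookie")
{
    // Defined up front: the "mk" branch used to leave it unset when
    // BG_SWITCH_TOKEN was off.
    $_str_return = null;

    switch ($token_action) {
        case "chk":
            switch ($session_method) {
                case "get":
                    $_str_tokenSession = fn_getSafe(fn_get("token_session"), "txt", "");
                    break;
                default:
                    $_str_tokenSession = fn_getSafe(fn_post("token_session"), "txt", "");
                    break;
            }
            switch ($cookie_method) {
                case "get":
                    $_str_tokenCookie = fn_getSafe(fn_get("token_cookie"), "txt", "");
                    break;
                case "post":
                    $_str_tokenCookie = fn_getSafe(fn_post("token_cookie"), "txt", "");
                    break;
                default:
                    $_str_tokenCookie = fn_cookie("token_cookie");
                    break;
            }

            if (BG_SWITCH_TOKEN == true) {
                // Anything that is not a string is treated as "nothing submitted".
                $_str_sentSession = is_string($_str_tokenSession) ? $_str_tokenSession : "";
                $_str_sentCookie = is_string($_str_tokenCookie) ? $_str_tokenCookie : "";
                $_str_knownSession = (string) fn_session("token_session");
                $_str_knownCookie = (string) fn_session("token_cookie");

                // Fail closed: with no token stored in the session, the old
                // loose "!=" let an empty submission pass. Require stored
                // tokens and compare them in constant time.
                $_str_return = $_str_knownSession !== ""
                    && $_str_knownCookie !== ""
                    && hash_equals($_str_knownSession, $_str_sentSession)
                    && hash_equals($_str_knownCookie, $_str_sentCookie);
            } else {
                $_str_return = true;
            }
            break;

        default:
            if (BG_SWITCH_TOKEN == true) {
                // Session token validity period: 300 seconds.
                $_num_tokenSessionDiff = (int) fn_session("token_session_time") + 300;
                if (!fn_session("token_session") || !fn_session("token_session_time") || $_num_tokenSessionDiff < time()) {
                    $_str_tokenSession = fn_rand();
                    fn_session("token_session", "mk", $_str_tokenSession);
                    fn_session("token_session_time", "mk", time());
                } else {
                    $_str_tokenSession = fn_session("token_session");
                }

                // Cookie token validity period: 300 seconds.
                $_num_tokenCookieDiff = (int) fn_session("token_cookie_time") + 300;
                if (!fn_session("token_cookie") || !fn_session("token_cookie_time") || $_num_tokenCookieDiff < time()) {
                    $_str_tokenCookie = fn_rand();
                    fn_session("token_cookie", "mk", $_str_tokenCookie);
                    fn_session("token_cookie_time", "mk", time());
                } else {
                    $_str_tokenCookie = fn_session("token_cookie");
                }

                $_str_return = $_str_tokenSession;
                fn_cookie("token_cookie", "mk", $_str_tokenCookie);
            }
            break;
    }

    return $_str_return;
}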
示例#9
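/**
 * Token generation and verification.
 *
 * The form-field and cookie names are "token_session" / "token_cookie" for
 * anonymous visitors and get the session value admin_hash appended once an
 * admin is logged in. "mk" creates the pair if missing and sends the cookie;
 * "chk" compares the submitted pair with the session copies.
 *
 * NOTE(review): appending admin_hash exposes that session value in form
 * field names and cookie names - confirm that this is acceptable.
 * NOTE(review): fn_rand() is not shown - confirm it uses a CSPRNG.
 *
 * @access public
 * @param string $token_action "chk" verifies; any other value creates (default: "mk")
 * @return array Keys "token" (bool for "chk"; token string for "mk"; null when
 *               tokens are disabled), "name_session" and "name_sookie" (the
 *               misspelled key is kept so existing callers keep working).
 */
function fn_token($token_action = "mk")
{
    if (fn_isEmpty(fn_session("admin_hash"))) {
        $_str_nameSession = "token_session";
        $_str_nameCookie = "token_cookie";
    } else {
        $_str_tokenName = fn_session("admin_hash");
        $_str_nameSession = "token_session_" . $_str_tokenName;
        $_str_nameCookie = "token_cookie_" . $_str_tokenName;
    }

    // Defined up front: the "mk" branch used to leave it unset when
    // BG_SWITCH_TOKEN was off.
    $_str_return = null;

    switch ($token_action) {
        case "chk":
            // Keep the submitted VALUES apart from the NAMES. The previous
            // code overwrote the name variables with the submitted values and
            // then used those values as session keys, so a genuine token could
            // not match while an empty submission compared equal to a missing key.
            $_str_sentSession = fn_getSafe(fn_post($_str_nameSession), "txt", "");
            $_str_sentCookie = fn_cookie($_str_nameCookie);

            if (BG_SWITCH_TOKEN == 1) {
                // Anything that is not a string is treated as "nothing submitted".
                $_str_sentSession = is_string($_str_sentSession) ? $_str_sentSession : "";
                $_str_sentCookie = is_string($_str_sentCookie) ? $_str_sentCookie : "";
                $_str_knownSession = (string) fn_session($_str_nameSession);
                $_str_knownCookie = (string) fn_session($_str_nameCookie);

                // Fail closed on missing tokens; compare in constant time.
                $_str_return = $_str_knownSession !== ""
                    && $_str_knownCookie !== ""
                    && hash_equals($_str_knownSession, $_str_sentSession)
                    && hash_equals($_str_knownCookie, $_str_sentCookie);
            } else {
                $_str_return = true;
            }
            break;

        default:
            if (BG_SWITCH_TOKEN == 1) {
                if (fn_isEmpty(fn_session($_str_nameSession))) {
                    $_str_tokenSession = fn_rand();
                    fn_session($_str_nameSession, "mk", $_str_tokenSession);
                } else {
                    $_str_tokenSession = fn_session($_str_nameSession);
                }

                if (fn_isEmpty(fn_session($_str_nameCookie))) {
                    $_str_tokenCookie = fn_rand();
                    fn_session($_str_nameCookie, "mk", $_str_tokenCookie);
                } else {
                    $_str_tokenCookie = fn_session($_str_nameCookie);
                }

                $_str_return = $_str_tokenSession;
                fn_cookie($_str_nameCookie, "mk", $_str_tokenCookie);
            }
            break;
    }

    return array("token" => $_str_return, "name_session" => $_str_nameSession, "name_sookie" => $_str_nameCookie);
}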